Virtual ID been in books for years, not cover-up for data breach: UIDAI chief

Posted January 12th, 2018, 10:18 AM IST

New Delhi: Virtual ID, the 16 digit randomly generated number that people can use as a replacement for their Aadhaar number is added security and does not indicate a loophole in earlier security architecture.

Ajay Bhushan Pandey, the chief executive officer of Unique Identification Authority of India (UIDAI) said that the virtual ID would prevent profiling the crores of people who had enrolled for the unique identification number, according to a report in NDTV.

This does not, however, mean that the earlier security system allowed profiling, but privacy concerns were raised because "may be at some later day, somebody may start linking Aadhaar number with various databases and then some profiling could be done," he added.

Pandey said the virtual ID, or the "pseudo Aadhaar number" can be generated from a mobile application or the UIDAI website.

"What we have done is that we have given a facility to people that you can generate a pseudo Aadhaar number. It is like a camouflaged Aadhaar number, where you go to our website, and then enter your own Aadhaar number. One OTP (One Time Password) comes to your mobile number registered in the Aadhaar database and then a 16-digit number is sent to you," he said.

This would ensure that the agency seeking to authenticate an individual's identity would not have access to an original Aadhaar number.

They would have to send over the virtual ID and the individual's biometric details to the UIDAI, who would then electronically match the virtual ID and report the authenticity of the individual.

Pandey continued to stress that the earlier system did not have loopholes and this measure was not introduced to cover it up. This idea, he said, has been in the books since the first conceptualisation of the Aadhaar system, but was put on hold at the time.

"And at that time, it was felt that let us first give Aadhaar number, let us see how it plays out and then, at an appropriate time, this will be introduced," he said.

The executive officer also stressed the importance of continuous evolution in security systems as privacy concerns are changing.

"Let us say, about 20 years back, the people... their privacy concerns were quite different from the privacy concerns in 2018, and the privacy concerns and security concerns will be quite different five years hence. So therefore, today we need to see what are the privacy concerns and what are the measures that we have to take," he said.

The Virtual ID will be a temporary and revocable 16 digit random number mapped to a person's Aadhaar number and the Aadhaar-issuing body will start accepting it from March 1, 2018.